节点因传输端点未连接而崩溃 mysqld 收到信号 6 (CVE-2023-5157)

2023-11-29 20:58:40 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

CVE编号

CVE-2023-5157

利用情况

暂无

补丁情况

官方补丁

披露时间

2023-09-25

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://access.redhat.com/errata/RHSA-2023:5683
https://access.redhat.com/errata/RHSA-2023:5684
https://access.redhat.com/errata/RHSA-2023:6821
https://access.redhat.com/errata/RHSA-2023:6822
https://access.redhat.com/errata/RHSA-2023:6883
https://access.redhat.com/security/cve/CVE-2023-5157
https://bugzilla.redhat.com/show_bug.cgi?id=2240246

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	mariadb	mariadb	*		Up to (excluding) 10.4.26
	运行在以下环境
	应用	mariadb	mariadb	*	From (including) 10.5.0	Up to (excluding) 10.5.17
	运行在以下环境
	应用	mariadb	mariadb	*	From (including) 10.6.0	Up to (excluding) 10.6.9
	运行在以下环境
	应用	mariadb	mariadb	*	From (including) 10.7.0	Up to (excluding) 10.7.5
	运行在以下环境
	应用	mariadb	mariadb	*	From (including) 10.8.0	Up to (excluding) 10.8.4
	运行在以下环境
	系统	anolis_os_8	mariadb-embedded	*		Up to (excluding) 1.10.8-7
	运行在以下环境
	系统	debian_10	galera-3	*		Up to (including) 25.3.25-2
	运行在以下环境
	系统	debian_11	galera-3	*		Up to (including) 25.3.37-0+deb11u1
	运行在以下环境
	系统	debian_12	galera-3	*		Up to (including) 25.3.37-1
	运行在以下环境
	系统	debian_sid	galera-3	*		Up to (including) 25.3.37-1
	运行在以下环境
	系统	oracle_8	oraclelinux-release	*		Up to (excluding) 10.5.22-1.module+el8.8.0+21173+e955d7af
	运行在以下环境
	系统	oracle_9	oraclelinux-release	*		Up to (excluding) 10.5.22-1.el9_2
	运行在以下环境
	系统	redhat_9	mariadb-oqgraph-engine-debuginfo	*		Up to (excluding) 10.5.22-1.el9_2
	运行在以下环境
	系统	unionos_e	mariadb	*		Up to (excluding) mariadb-10.3.39-1.uel20